We’re excited to announce the release of FlowBAT v1.2. This is a minor release containing new features, improvements to existing features, and bug fixes.

﻿New Features﻿Tuple Search: FlowBAT now allows users to filter data based on specific 5-tuple values, based on saved tuple files. These files are created similar to how lists are created. This is accomplished by selecting the “Tuple File” option in the main menu.

Once you’ve created a tuple file, you can reference it in the query builder by expanding the Additional Options section, shown here:

Tuple files can be referenced in the quick query area by using the --tuple-file command. User Configurable Temp Directory: FlowBAT creates and stores temporary files when filtering flow data. Previously, these files were stored in the /tmp/ directory. Per request, we’ve added a configuration option that allows users to specify the global storage location for temporary RWF, RWS, and Tuple files. This option can be specified by accessing the SiLK server configuration screen and inputting a value into the Temporary Storage Directory input box. If no value is entered, the default location of /tmp/ will be used. You should ensure the directory you choose is writable by the FlowBAT application.

Save Quick Queries: When creating queries through the query builder interface, an option is now present to save the query for later use. This option can be found in the final query section of the query builder page.

Improvements

The navigation bar was modified to simplify the layout and increase screen real estate. This helps maximize the area used to perform data analysis while minimizing the area needed for basic navigation tasks

Previously, when switching between the quick query screen and query builder, an existing query would auto-execute. This functionality has been modified to prevent auto-execution to prevent interface slowness and wasted processing.

The version of the FlowBAT installation was added to a footer at the bottom of the screen to help users identify which version they are using.

Query builder fonts were modified to be more aesthetically pleasing.

The installation script now asks questions at the beginning instead of during the install process.

Additional output logging was added to the installation script to help troubleshoot installation issues.

Updating FlowBAT To update FlowBAT, browse to the application directory and run “git pull”. FlowBAT will perform an in place “hot” upgrade. No service restarts are required. If you run into issues updating, please contact support at support@flowbat.com.